<?
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

include ('inc_head_db.php');
include ('inc_admin.php');
?>
<script>
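//Tick or untick every checkbox in the first form on the page.
//bChecked - true to tick all boxes, false to untick them
function fn_TickAllNone (bChecked) {
	var oForm = document.forms [0];
	//The counter is declared locally; without 'var' it became an implicit
	//global, which clashes with any other script using 'i' and throws in strict mode
	for (var i = 0; i < oForm.length; i++) {
		var oElement = oForm.elements [i];
		//Checkboxes have name prefixed with 'chk'
		if (oElement.name.slice (0,3) == 'chk')
			oElement.checked = bChecked;
	}
}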
</script>
<?
include ('inc_head_html.php');

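//Mark the ticked players as paid and e-mail each of them a confirmation.
//
//Only POST fields that follow this form's checkbox convention (name prefixed
//with 'chk', value made up of digits only) are treated as player IDs. Taking
//every POST value, as before, let any unrelated field - or an array-valued
//field, which casts to 1 - select a player to be marked as paid.
//
//NOTE(review): this state change is driven by a plain POST and no anti-CSRF
//token is checked in this file - confirm whether inc_admin.php enforces one.
$aiPlayerIDs = array ();
foreach ($_POST as $sFieldName => $chk) {
	if (strncmp ((string) $sFieldName, 'chk', 3) != 0)
		continue;
	if (!is_string ($chk) || !preg_match ('/^[0-9]+\z/', $chk))
		continue;
	$iPlayerID = (int) $chk;
	//Keyed by ID so that a repeated ID is only listed (and e-mailed) once
	if ($iPlayerID > 0)
		$aiPlayerIDs [$iPlayerID] = $iPlayerID;
}

//Nothing is run unless at least one box was ticked. Previously the queries
//were executed on every page load, including the initial GET, when
//$sql_update and $sql_select had never been set.
if (count ($aiPlayerIDs) > 0) {
	//Every entry has been cast to int above, so the list is safe to embed in SQL
	$sIDList = implode (', ', $aiPlayerIDs);
	$sql_update = "UPDATE bookings SET bkDatePaymentConfirmed = '" . date ('Y-m-d') . "' WHERE bkPlayerID IN ($sIDList)";
	//NOTE(review): the decryption key is embedded in the statement text, so it
	//will appear wherever the database server records statements - confirm
	//that query logging is restricted accordingly
	$key = CRYPT_KEY;
	$sql_select = "SELECT plPlayerID, AES_DECRYPT(plFirstName, '$key') AS dFirstName, AES_DECRYPT(plSurname, '$key') AS dSurname, ";
	$sql_select .= "AES_DECRYPT(plEmail, '$key') AS dEmail FROM players WHERE plPlayerID IN ($sIDList)";

	//Run UPDATE query to set paid date. Confirmation e-mails are only sent
	//if the update succeeded, so nobody is told they are paid when they are not
	if (mysqli_query ($link, $sql_update)) {
		//Run SELECT query and send e-mails
		$result = mysqli_query ($link, $sql_select);
		if ($result) {
			while ($row = mysqli_fetch_assoc ($result)) {
				$sBody = "Your payment for the upcoming Lions event has been received and you have been marked as paid.\nYou are now fully booked.\n\nThank you.\n\n";
				//Use the recipient's own ID from the result row. The original used
				//$PLAYER_ID, which is not set from the row, so every recipient was
				//shown the same value (presumably the logged-in admin's ID - verify)
				$sBody .= "Player ID: " . PID_PREFIX . sprintf ('%03s', $row ['plPlayerID']) . "\n";
				$sBody .= "OOC Name: " . $row ['dFirstName'] . " " . $row ['dSurname'];
				mail ($row ['dEmail'], 'Lions booking - marked paid', $sBody, "From:Lions booking <lionsbooking@phillipsuk.org>");
			}
		}
	}
}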

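//Get list of players booked but not marked as paid
//NOTE(review): the decryption key is embedded in the statement text, so it
//will appear wherever the database server records statements - confirm that
//query logging is restricted accordingly
$key = CRYPT_KEY;
$sql = "SELECT plPlayerID, " . 
	"AES_DECRYPT(plFirstName, '$key') AS dFirstName, " .
	"AES_DECRYPT(plSurname, '$key') AS dSurname, " .
	"AES_DECRYPT(plBookAs, '$key') AS dBookAs, " .
	"chName, " .
	"bkDateOOCConfirmed, " .
	"bkDateICConfirmed, " .
	"bkDatePaymentConfirmed " .
	"FROM players, characters, bookings " .
	"WHERE plPlayerID = chPlayerID AND chPlayerID = bkPlayerID AND " .
	"bkDateOOCConfirmed <> '0000-00-00' AND bkDateICConfirmed <> '0000-00-00' AND bkDatePaymentConfirmed = '0000-00-00' ORDER BY ";
//The request value only selects one of the fixed ORDER BY clauses below; it is
//never copied into the SQL itself. Keep it that way when adding sort options.
//A missing or non-string 'sort' parameter falls through to the default order
//instead of raising an undefined-index notice on the plain page load.
$sSort = (isset ($_GET ['sort']) && is_string ($_GET ['sort'])) ? $_GET ['sort'] : '';
switch ($sSort) {
case 'ooc':
	$sql .= 'dFirstName, plPlayerID';
	break;
case 'ic':
	$sql .= 'chName, plPlayerID';
	break;
case 'book':
	$sql .= 'dBookAs, plPlayerID';
	break;
default:
	$sql .= 'plPlayerID';
	break;
}
$result = mysqli_query ($link, $sql);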
?>

<h1><?=TITLE?> - Payments Received</h1>

<p>
<a href = 'admin.php'>Admin</a>
</p>

<p>
The following people have booked, but are not marked as paid. Click on a column header to sort by that column.
</p>

<form action = 'admin_markpaid.php' method = 'post'>

<table border = '1'>
<tr>
<th>Select</th>
<th><a href = "admin_markpaid.php?sort=pid">Player ID</a></th>
<th><a href = "admin_markpaid.php?sort=ooc">OOC Name</a></th>
<th><a href = "admin_markpaid.php?sort=ic">IC Name</a></th>
<th><a href = "admin_markpaid.php?sort=book">Booking As</a></th>
</tr>

<?
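//Output one table row per unpaid player, with a checkbox whose name
//('chkPl<ID>') and value (<ID>) are read back when the form is posted.
//The loop is skipped if the list query failed and $result is not a result set.
if ($result) {
	while ($row = mysqli_fetch_assoc ($result)) {
		//Cast to int before writing the ID into attribute values, so nothing
		//other than digits can reach the markup
		//(presumably plPlayerID is an integer key - verify against the schema)
		$iPlayerID = (int) $row ['plPlayerID'];
		echo "<tr class = 'highlight'><td class = 'mid'><input type = 'checkbox' name = 'chkPl" . $iPlayerID . "' value = '" .
			$iPlayerID . "'></td>";
		echo "<td>" . PID_PREFIX . sprintf ('%03s', $iPlayerID) . "</td>";
		//Names are free text supplied by players, so they are HTML-encoded on output
		echo "<td>" . htmlentities (stripslashes ($row ['dFirstName'])) . " " . htmlentities (stripslashes ($row ['dSurname'])) . "</td>";
		echo "<td>" . htmlentities (stripslashes ($row ['chName'])) . "</td>";
		//Close the row; the original left every <tr> unterminated
		echo "<td>" . htmlentities (stripslashes ($row ['dBookAs'])) . "</td></tr>";
	}
}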
?>

</table>
<script>
//The tick/untick links are written by script, so they only appear when
//JavaScript is enabled - their onclick handlers call fn_TickAllNone
document.write ("<p><a href = '#' onclick = 'fn_TickAllNone (true)'>Tick all boxes</a>")
document.write ("&nbsp;-&nbsp;<a href = '#' onclick = 'fn_TickAllNone (false)'>Untick all boxes</a></p>")
</script>

<p>
<input type = 'submit' value = 'Submit' name = 'btnSubmit'>&nbsp;
<input type = 'reset' value = 'Reset'>
</p>
</form>

<?
include ('inc_foot.php');
?>
